Encryption/decryption with multiple keys

Posted 2024-07-13 22:18:21, 144 words, 12 views, 0 comments

Is it possible to encrypt data, such that it can be decrypted with several different keys?

Example:

I've encrypted data with key1, but I want to be able to decrypt with keys 2, 3, and 4.

Is this possible?

Comments (5)

你如我软肋 2024-07-20 22:18:21

GnuPG does multi-key encryption as standard.

The following command will encrypt doc.txt using the public key for Alice and the public key for Bob. Alice can decrypt using her private key. Bob can also decrypt using his private key.

gpg --encrypt --recipient [email protected] \
    --recipient [email protected] doc.txt

This feature is detailed in the user guide section entitled "Encrypting and decrypting documents".

居里长安 2024-07-20 22:18:21

Yes it's possible

Yes, encryption for multiple recipients is possible. Also, it seems logical when you think that you might want to be able to read what you've sent to someone, and to do so you need to be in the recipients list.

Command line

Here is how to do it through gpg command line (as described in David Segonds' answer):

gpg --encrypt \
  --recipient [email protected] \
  --recipient [email protected] \
clear-message.txt

GUI client

Your GUI must provide a way to encrypt for several people.

Mechanism

There is a question on Information Security, "GPG File size with multiple recipients?", that explains the encryption mechanism:

GPG encrypts the file once with a symmetric key, then places a header identifying the target keypair and an encrypted version of the symmetric key.

[...] When encrypted to multiple recipients, this header is placed multiple times providing a uniquely encrypted version of the same symmetric key for each recipient.

嗼ふ静 2024-07-20 22:18:21

GnuPG and PGP clients in general usually encrypt the actual data with a symmetric key called a "session key". The session key is then encrypted with each "recipient key" (i.e. the ones you specify with -r/--recipient). This is sometimes referred to as a hybrid cipher. Right now, I believe GnuPG by default uses a 256-bit session key and AES to encrypt the plaintext data to that AES-256 session key, and your recipient keys are your RSA/DSA/ECDSA/etc. asymmetric keys in this case.

One reason for doing it this way is that symmetric cryptographic algorithms like AES are generally a lot faster than asymmetric ones like RSA. GnuPG thus only has to encrypt ~256 bits (the session key) with RSA, and can use AES to encrypt the data (as large as you want it to be!) with that session key. Intel machines even have a built-in instruction, AES-NI, to do some steps of the algorithm in hardware, which makes GnuPG extra snappy at encrypting/decrypting data.

Another reason for doing it this way is that it allows PGP-encrypted documents to be encrypted to multiple parties without having to double the size of the document. Notice that when you specify multiple recipients for an encrypted document (e.g. gpg -ea -r Alice -r Bob -o ciphertext.asc), the encrypted document that gets stored (ciphertext.asc) is not 2x as large as if you had just encrypted it to Alice.

See also the --show-session-key parameter in the gpg man page to be able to decrypt just the session key, for example to allow a third party to decrypt a document that is encrypted to you without having to transfer to them your private key or the plaintext data.
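The hybrid layout described in the answers above (one symmetric ciphertext, plus one wrapped copy of the session key per recipient) can be reproduced in a few lines. This is an added example, not code from the answers and not GnuPG's packet format: it assumes Node.js's built-in crypto module, with RSA-OAEP and AES-256-GCM as stand-ins, and the message layout, function names and recipient names are hypothetical.

```javascript
const crypto = require('crypto');

// Encrypt the data once under a fresh session key, then wrap that key for
// each recipient. Message layout and recipient names are illustrative only.
function encryptFor(plaintext, recipients) {
  const sessionKey = crypto.randomBytes(32); // AES-256 key, used for this message only
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const stanzas = Object.entries(recipients).map(([name, publicKey]) => ({
    name,
    wrappedKey: crypto.publicEncrypt({ key: publicKey, oaepHash: 'sha256' }, sessionKey),
  }));
  return { stanzas, iv, tag: cipher.getAuthTag(), body };
}

// Find this recipient's stanza, unwrap the session key, decrypt the shared body.
function decryptAs(message, name, privateKey) {
  const stanza = message.stanzas.find((s) => s.name === name);
  if (!stanza) throw new Error(`no wrapped session key for ${name}`);
  const sessionKey = crypto.privateDecrypt(
    { key: privateKey, oaepHash: 'sha256' }, stanza.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, message.iv);
  decipher.setAuthTag(message.tag);
  return Buffer.concat([decipher.update(message.body), decipher.final()]);
}

// Bytes stored: the shared body plus one wrapped session key per recipient.
function sizeOf(message) {
  return message.body.length + message.iv.length + message.tag.length +
    message.stanzas.reduce((n, s) => n + s.wrappedKey.length, 0);
}

// Constructed demo: throwaway RSA-2048 key pairs and a 100 kB dummy document.
function demo() {
  const keys = {};
  for (const name of ['alice', 'bob', 'carol']) {
    keys[name] = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  }
  const plaintext = Buffer.alloc(100000, 'x');
  const toAlice = encryptFor(plaintext, { alice: keys.alice.publicKey });
  const toBoth = encryptFor(plaintext,
    { alice: keys.alice.publicKey, bob: keys.bob.publicKey });
  return { keys, plaintext, toAlice, toBoth };
}

const sample = demo();
console.log('one recipient:', sizeOf(sample.toAlice), 'bytes; two:', sizeOf(sample.toBoth), 'bytes');
```

Adding Bob costs one more wrapped key (256 bytes for a 2048-bit RSA key), not a second copy of the document, and a key that is not among the recipients cannot unwrap any stanza.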

冷…雨湿花 2024-07-20 22:18:21

Yes, it's possible. Google "multiparty encryption" for a start.

AFAIK, there are no drop 'em in and use 'em packages for it though.

-- MarkusQ

P.S. For a sketch of how it could be done, consider this. The encrypted message consists of:

  • the payload, encrypted with a one-time pad
  • the one time pad, encrypted with key1
  • the one time pad, encrypted with key2
  • ...
  • the one time pad, encrypted with keyN

The recipient who holds key i just decrypts their copy of the pad with their key, and then decrypts the payload.

However, this is just a proof that it could be done and would suck as an actual implementation. If at all possible, you should avoid rolling your own encryption. If you don't understand why, you should definitely avoid rolling your own encryption.

-----Edit ------------

If I'm wrong and the Gnu tools do that, use them. But I can't seem to find any information on how to do it.

友谊不毕业 2024-07-20 22:18:21

Multiple (more than two) key RSA is maybe like this - well, I'm not a mathematician, so this algorithm is not necessarily secure, I just want to give an idea with it.

m=p*q*r; p,q,r are big prime numbers

fi(m)=(p-1)(q-1)(r-1)

d==(e1*e2*e3*...*ei)^(-1) (mod fi(m)); e1...ei are arbitrary numbers, d is calculated to fulfill the equation

y1==x^e1 (mod m)

y2==y1^e2 (mod m)

y3==y2^e3 (mod m)

...

x==yi^d (mod m)

This algorithm could be used for example to increase the speed of The Onion Router.
